Twitter-compatible API - checks for is_readonly() now work!
darcs-hash:20081024213745-462f3-7c26611e7f75265affafd471c3d66e02ec7e686e.gz
This commit is contained in:
parent
18d4226ead
commit
f8a73c157e
@ -10,11 +10,11 @@
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
if (!defined('LACONICA')) { exit(1); }
|
||||
@ -40,7 +40,7 @@ class ApiAction extends Action {
|
||||
$this->api_method = $method;
|
||||
$this->content_type = strtolower($cmdext[1]);
|
||||
} else {
|
||||
|
||||
|
||||
# Requested format / content-type will be an extension on the method
|
||||
$cmdext = explode('.', $method);
|
||||
$this->api_method = $cmdext[0];
|
||||
@ -72,13 +72,13 @@ class ApiAction extends Action {
|
||||
|
||||
# Caller might give us a username even if not required
|
||||
if (isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
$user = User::staticGet('nickname', $_SERVER['PHP_AUTH_USER']);
|
||||
$user = User::staticGet('nickname', $_SERVER['PHP_AUTH_USER']);
|
||||
if ($user) {
|
||||
$this->user = $user;
|
||||
}
|
||||
# Twitter doesn't throw an error if the user isn't found
|
||||
}
|
||||
|
||||
|
||||
$this->process_command();
|
||||
}
|
||||
}
|
||||
@ -109,7 +109,7 @@ class ApiAction extends Action {
|
||||
|
||||
# Whitelist of API methods that don't need authentication
|
||||
function requires_auth() {
|
||||
static $noauth = array( 'statuses/public_timeline',
|
||||
static $noauth = array( 'statuses/public_timeline',
|
||||
'statuses/show',
|
||||
'users/show',
|
||||
'help/test',
|
||||
@ -138,10 +138,10 @@ class ApiAction extends Action {
|
||||
}
|
||||
}
|
||||
|
||||
function show_basic_auth_error() {
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
$msg = 'Could not authenticate you.';
|
||||
|
||||
function show_basic_auth_error() {
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
$msg = 'Could not authenticate you.';
|
||||
|
||||
if ($this->content_type == 'xml') {
|
||||
header('Content-Type: application/xml; charset=utf-8');
|
||||
common_start_xml();
|
||||
@ -151,7 +151,7 @@ class ApiAction extends Action {
|
||||
common_element_end('hash');
|
||||
common_end_xml();
|
||||
} else if ($this->content_type == 'json') {
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
$error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']);
|
||||
print(json_encode($error_array));
|
||||
} else {
|
||||
@ -165,20 +165,27 @@ class ApiAction extends Action {
|
||||
$apiaction = $_REQUEST['apiaction'];
|
||||
$method = $_REQUEST['method'];
|
||||
list($cmdtext, $fmt) = explode('.', $method);
|
||||
|
||||
# FIXME: probably need a table here, instead of this switch
|
||||
|
||||
switch ($apiaction) {
|
||||
case 'statuses':
|
||||
switch ($cmdtext) {
|
||||
case 'update':
|
||||
case 'destroy':
|
||||
return false;
|
||||
default:
|
||||
|
||||
static $write_methods = array(
|
||||
'account' => array('update_location', 'update_delivery_device', 'end_session'),
|
||||
'blocks' => array('create', 'destroy'),
|
||||
'direct_messages' => array('create', 'destroy'),
|
||||
'favorites' => array('create', 'destroy'),
|
||||
'friendships' => array('create', 'destroy'),
|
||||
'help' => array(),
|
||||
'notifications' => array('follow', 'leave'),
|
||||
'statuses' => array('update', 'destroy'),
|
||||
'users' => array()
|
||||
);
|
||||
|
||||
if (array_key_exists($apiaction, $write_methods)) {
|
||||
common_debug("checking method");
|
||||
if (!in_array($cmdtext, $write_methods[$apiaction])) {
|
||||
return true;
|
||||
}
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -23,20 +23,6 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
|
||||
|
||||
class TwitapiaccountAction extends TwitterapiAction {
|
||||
|
||||
function is_readonly() {
|
||||
|
||||
static $write_methods = array( 'update_location',
|
||||
'update_delivery_device');
|
||||
|
||||
$cmdtext = explode('.', $this->arg('method'));
|
||||
|
||||
if (in_array($cmdtext[0], $write_methods)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
function verify_credentials($args, $apidata) {
|
||||
|
||||
if ($apidata['content-type'] == 'xml') {
|
||||
|
@ -23,20 +23,6 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
|
||||
|
||||
class Twitapidirect_messagesAction extends TwitterapiAction {
|
||||
|
||||
function is_readonly() {
|
||||
|
||||
static $write_methods = array( 'direct_messages',
|
||||
'sent');
|
||||
|
||||
$cmdtext = explode('.', $this->arg('method'));
|
||||
|
||||
if (in_array($cmdtext[0], $write_methods)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
function direct_messages($args, $apidata) {
|
||||
parent::handle($args);
|
||||
return $this->show_messages($args, $apidata, 'received');
|
||||
|
@ -23,19 +23,6 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
|
||||
|
||||
class TwitapifavoritesAction extends TwitterapiAction {
|
||||
|
||||
function is_readonly() {
|
||||
|
||||
static $write_methods = array('favorites');
|
||||
|
||||
$cmdtext = explode('.', $this->arg('method'));
|
||||
|
||||
if (in_array($cmdtext[0], $write_methods)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
function favorites($args, $apidata) {
|
||||
parent::handle($args);
|
||||
|
||||
|
@ -23,20 +23,6 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
|
||||
|
||||
class TwitapifriendshipsAction extends TwitterapiAction {
|
||||
|
||||
function is_readonly() {
|
||||
|
||||
static $write_methods = array( 'create',
|
||||
'destroy');
|
||||
|
||||
$cmdtext = explode('.', $this->arg('method'));
|
||||
|
||||
if (in_array($cmdtext[0], $write_methods)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
function create($args, $apidata) {
|
||||
parent::handle($args);
|
||||
|
||||
|
@ -23,10 +23,6 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
|
||||
|
||||
class TwitapihelpAction extends TwitterapiAction {
|
||||
|
||||
function is_readonly() {
|
||||
return true;
|
||||
}
|
||||
|
||||
/* Returns the string "ok" in the requested format with a 200 OK HTTP status code.
|
||||
* URL:http://identi.ca/api/help/test.format
|
||||
* Formats: xml, json
|
||||
|
@ -23,20 +23,6 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
|
||||
|
||||
class TwitapistatusesAction extends TwitterapiAction {
|
||||
|
||||
function is_readonly() {
|
||||
|
||||
static $write_methods = array( 'update',
|
||||
'destroy');
|
||||
|
||||
$cmdtext = explode('.', $this->arg('method'));
|
||||
|
||||
if (in_array($cmdtext[0], $write_methods)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
function public_timeline($args, $apidata) {
|
||||
parent::handle($args);
|
||||
|
||||
@ -242,6 +228,10 @@ class TwitapistatusesAction extends TwitterapiAction {
|
||||
return;
|
||||
}
|
||||
|
||||
foreach ($_POST as $p => $v) {
|
||||
common_debug("_POST: $p = $v");
|
||||
}
|
||||
|
||||
$this->auth_user = $apidata['user'];
|
||||
$user = $this->auth_user;
|
||||
$status = $this->trimmed('status');
|
||||
|
@ -23,10 +23,6 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
|
||||
|
||||
class TwitapiusersAction extends TwitterapiAction {
|
||||
|
||||
function is_readonly() {
|
||||
return true;
|
||||
}
|
||||
|
||||
function show($args, $apidata) {
|
||||
parent::handle($args);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user